Hi Everybody,
I am trying to use Acegi for authentication and authorization. I want to have a custom objectDefinitionSource which would retrieve values from the database for authorization.
I went through the threads regarding "custom objectdefinitionSource" as well as "dynamic Authorization".
I did not quite understand the implementation that was given. So I tried implementing a class of mine. I wrote a sample class for my FilterSecurityInterceptor which would pick values from a properties file. This is my code:

Code:
package com.voyager;

import java.io.FileInputStream;
import java.util.Iterator;
import java.util.Properties;

import net.sf.acegisecurity.ConfigAttributeDefinition;
import net.sf.acegisecurity.ConfigAttributeEditor;
import net.sf.acegisecurity.intercept.web.AbstractFilterInvocationDefinitionSource;
import net.sf.acegisecurity.intercept.web.FilterInvocationDefinitionSource;

import org.springframework.dao.IncorrectResultSizeDataAccessException;

public class MyDatabaseDrivenObjectDefinitionSource extends AbstractFilterInvocationDefinitionSource
        implements FilterInvocationDefinitionSource {

    //private ActionDao actionDao;
    private Properties prop;

    public MyDatabaseDrivenObjectDefinitionSource() throws Exception {
        // Create a hash table
        prop = new Properties();
        prop.load(new FileInputStream("properties file path"));
        System.out.println("Properties present : " + prop.size());
    }

    // Looks up the normalised URL as a key in the properties file and
    // converts the value found there into a ConfigAttributeDefinition.
    public ConfigAttributeDefinition lookupAttributes(String url) {
        System.out.println("LookupAttributes URL: " + url);
        ConfigAttributeEditor configAttrEditor = new ConfigAttributeEditor();
        if (url == null)
            throw new NullPointerException("Parameter of url is null");
        try {
            url = prepareUrl(url);
            System.out.println("url : " + url);
            String rolesStr = prop.getProperty(url);
            System.out.println("rolesStr : " + rolesStr);
            if (rolesStr != null) {
                // The last character of the property value is dropped before
                // the remainder is parsed as a comma-separated attribute list.
                configAttrEditor.setAsText(
                        rolesStr.toString().substring(0, rolesStr.length() - 1));
                ConfigAttributeDefinition configAttrDef =
                        (ConfigAttributeDefinition) configAttrEditor.getValue();
                return configAttrDef;
            }
        } catch (IncorrectResultSizeDataAccessException ex) {
            return null;
        }
        // No entry for this URL in the properties file
        return null;
    }

    // Normalises the request URL into the form used as a property key:
    // lower case, no leading slash, query string handling as below.
    private String prepareUrl(String url) {
        String actionName = "";
        url = url.toLowerCase();
        if (url.charAt(0) == '/')
            url = url.substring(1);
        // actionName is everything before the first "."
        if (url.indexOf(".") != -1)
            actionName = url.substring(0, url.indexOf("."));
        System.out.println("ActionName :" + actionName);
        // The query string is removed only when actionName itself is a key
        if (prop.containsKey(actionName)) {
            System.out.println("ContainsKey = true");
            if (url.contains("?")) {
                url = url.substring(0, url.indexOf("?"));
            }
        }
        // Anything from the first "&" onwards is always removed
        if (url.contains("&"))
            url = url.substring(0, url.indexOf("&"));
        return url;
    }

    public Iterator getConfigAttributeDefinitions() {
        return null;
    }
}

applicationContext.xml
Code:
<bean id="memoryAuthenticationDao" class="net.sf.acegisecurity.providers.dao.memory.InMemoryDaoImpl">
    <property name="userMap">
        <value>
            user=pass,ROLE_USER,ROLE_SUPERVISOR
            user1=pass,ROLE_USER
            user2=pass,ROLE_USER
        </value>
    </property>
</bean>

<bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider">
    <property name="authenticationDao">
        <ref local="memoryAuthenticationDao"/>
    </property>
</bean>

<bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager">
    <property name="providers">
        <list>
            <ref bean="daoAuthenticationProvider"/>
        </list>
    </property>
</bean>

<bean id="authenticationProcessingFilter" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
    <property name="authenticationManager">
        <ref bean="authenticationManager"/>
    </property>
    <property name="authenticationFailureUrl">
        <value>/login.jsp?error=1</value>
    </property>
    <property name="defaultTargetUrl">
        <value>/</value>
    </property>
    <property name="filterProcessesUrl">
        <value>/j_acegi_security_check</value>
    </property>
</bean>

<bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/>

<bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.UnanimousBased">
    <property name="allowIfAllAbstainDecisions">
        <value>false</value>
    </property>
    <property name="decisionVoters">
        <list>
            <ref local="roleVoter"/>
        </list>
    </property>
</bean>

<bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter">
    <property name="filterSecurityInterceptor"><ref local="filterInvocationInterceptor"/></property>
    <property name="authenticationEntryPoint"><ref local="authenticationProcessingFilterEntryPoint"/></property>
</bean>

<bean id="httpSessionContextIntegrationFilter" class="net.sf.acegisecurity.context.HttpSessionContextIntegrationFilter">
    <property name="context"><value>net.sf.acegisecurity.context.security.SecureContextImpl</value></property>
</bean>

<bean id="authenticationProcessingFilterEntryPoint" class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
    <property name="loginFormUrl">
        <value>/login.jsp</value>
    </property>
</bean>

<bean id="myObjectDefinitionSource" class="com.voyager.MyDatabaseDrivenObjectDefinitionSource"/>

<bean id="filterInvocationInterceptor" class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor">
    <property name="authenticationManager"><ref bean="authenticationManager"/></property>
    <property name="accessDecisionManager"><ref bean="accessDecisionManager"/></property>
    <property name="objectDefinitionSource">
        <ref local="myObjectDefinitionSource"/>
    </property>
</bean>
Using the above configuration, I am getting an AccessDenied Exception after login.
Any help regarding implementing objectDefinitionSource for FilterSecurityInterceptor, MethodSecurityInterceptor and ChannelProcessingFilter will also be helpful.
Any suggestions regarding this problem will be helpful.
Thanks and Regards,
Shweta



